EVENTS

Why the ‘Nigerian Prince’ scam is so stupid and yet so successful

I have written before about the Nigerian 419 scams (see here, here, and here). These are the ones that, in the most common variant, ask you to help in the recovery of a large sum of money that has been hidden or no is claiming and for your help you get a pretty significant cut.

I am pretty certain that all the readers of this blog have received similar appeals. I am also certain that all of us have been struck by the sheer crudeness of the messages that make them seem such obvious scams that only an idiot would fall for, and asked ourselves why they don’t try to make it at least a little more sophisticated so that they have a better chance at success.

It turns out that a computer scientist at Microsoft named Cormac Herley, who works on combating computer hacking, tried to think like a scammer, did a cost-benefit analysis and realized that this crudeness is a feature, not a bug. In his paper titled Why do Nigerian Scammers Say They are from Nigeria?, he posed the question:

Why so little imagination? Why don’t Nigerian scammers claim to be from Turkey, or Portugal or Switzer- land or New Jersey? Stupidity is an unsatisfactory answer: the scam requires skill in manipulation, considerable inventiveness and mastery of a language that is non-native for a majority of Nigerians. It would seem odd that after lying about his gender, stolen millions, corrupt officials, wicked in-laws, near-death escapes and secret safety deposit boxes that it would fail to occur to the scammer to lie also about his location.

The answer is that the obviousness of the scam is a way of increasing the signal-to-noise ratio of the responses. It is similar to the strategy that computer hackers use.

Here’s the explanation in a nutshell. It does not cost the scammers much to send out mass emails. What is costly is the time and effort to reel in a sucker once they have initially responded to the bait. That can be a time-consuming process, involving as it does customized interactions over an extended period of time. As Christopher F. Chabris and Daniel Simons write in The Wall Street Journal, it took scammers about six months to extract $80,000 from a middle-aged New England psychotherapist.

So what the scammers want to do is weed out right from the start those people who initially respond but are unlikely to send them money. In other words, they need to reduce the number of false positive signals and one way to do that is with a fairly obvious message. Herley writes:

The most profitable strategy requires accurately distinguishing viable from non-viable users, and balancing the relative costs of true and false positives. We show that as victim density decreases the fraction of viable users than can be profitably attacked drops dramatically. For example, a 10× reduction in density can produce a 1000× reduction in the number of victims found. At very low victim densities the attacker faces a seemingly intractable Catch-22: unless he can distinguish viable from non-viable users with great accuracy the attacker cannot find enough victims to be profitable. However, only by finding large numbers of victims can he learn how to accurately distinguish the two.

Finally, this approach suggests an answer to the question in the title. Far-fetched tales of West African riches strike most as comical. Our analysis suggests that is an advantage to the attacker, not a disadvantage. Since his attack has a low density of victims the Nigerian scammer has an over-riding need to reduce false positives. By sending an email that repels all but the most gullible the scammer gets the most promising marks to self-select, and tilts the true to false positive ratio in his favor.

It is a strategy that seems to be working. The cost to victims went up from an estimated $6.3 billion in 2008 to $9.3 billion in 2009. I find that figure stunning. Can there be that many gullible people and if they are so easily separated from their money, how come they still have so much money to give to these scammers? In an interview on On the Media, Simon says that some of the victims of such scams are big law firms whom you would think would know better. But since they routinely act as intermediaries for other people and wire large sums of money to foreign banks at the request of clients they don’t know personally, their guard is lowered.

How can this fraud be combated? Most of us try to increase awareness of the con by spreading the word to everyone we know not to fall for it. But that actually works in the scammers favor since the people who do respond are likely real suckers. Chabris and Simon suggest that a better way would be for as many people as possible to pretend, at least for a short while, to fall for the scam but not send money, thus increasing the number of expensive false positives the scammers have to deal with.

We need not go as far as one counter-spammer who managed to actually get money from the scammers, in addition to getting them to take photographs of themselves in silly poses. It is a hilarious story but it is probably not a good idea to go that far since these people are criminals.

Let’s not forget that the typical 419 scam is essentially asking you to launder embezzled money. So on top of being gullible you have to also have a callous disregard for the impoverished Nigerians that (supposedly) that you are stealing from.

I get several such e-mails every day. These days, few actually claim to be from Nigeria or to involve princes. The rest pretend to be embezzling businessmen from all over the world (though still Africa is overrepresented) or relatives of recently deceased dictators (obviously, Libya is popular right now) or heirs of rich businessmen (a “wealthy cocoa merchant” from Ghana, who later became a “wealthy cocoa and GOLD merchant”, all-caps in the original, was popular for some time).

A lot of the scammers openly admit to being embezzlers or whatnot in the opening email to weed out people who might go to the authorities. I mean, how do you go to the cops to complain that you responded to an email that said “Hey dude, can you help me with my crimes by committing some crimes for me?” and it turned out to be a scam?

I’ve played the 419 game with an opposite who’s IP put him just outside of Lagos, Nigeria. I may not have delayed him much, but I was able to occupy some of his time for a couple of days. I feel this is useful in that time spent with me is time not spent defrauding others. That fraud started with a request to help a family member in trouble overseas by wiring money.
In a similar line, I believe I’ve been placed on a ‘do not call’ list run by phone solicitors. After a couple of dinnertime calls in which I led on the caller as long as I could and after admitting that that was my goal, I’ve completely stopped getting phone calls trying to get me to buy. I can’t prove it, but it’s plausible that my number has been marked as someone not worth calling.

I’ve seen another countermeasure against these advance-fee scams: request that they use one’s PayPal address or something similar. The idea here is to provide a bank-account ID that they can’t withdraw money from — only deposit money into.

There’s a version from the 19th cy. and maybe earlier, the Spanish Prisoner scam, where one pays what’s supposedly ransom money for an aristocrat imprisoned in Spain.

I’ve seen lots of variations on the Nigerian scam, like some white farmers in Zimbabwe who want to get their money out before Robert Mugabe’s cronies can get their hands on it. Most recently, there have been relatives and associates of deposed Arab leaders like Hosni Mubarak and Muammar Khadafy.

I felt a lot more empathy for the scammers after reading it … often they are young kids who are good enough at english and have the time to spend all day trying to find that one in a thousand who will produce cash. If the kid is successful, he can make a relative fortune, but if he doesn’t make quota, he is in for a beating by the ringleader. And if he gets caught, he goes to jail, while the kingpins just replace him with another kid.

sounds like your trying to make these scammers appear clever in the middle article …there emails are badly written because they speak pigeon english and most of scammers are as thick as fuck..look at the videos of these idiots on youtube ,performing ridiculous acts to prove they are genuine .

i fell into the trap of HONDA UK LOTTERY where i was speaking to a nigerian over the phone who said is in my country and paid my a lot of money to meet me in person to hand over the lottery and prize…. i have almost lost half of my property behind it…. and there is nothing that we can do to catch them

[…] these types of abuse, but there are plenty of users who still get taken in. I am amazed that the Nigerian prince still gets people to fall for their emails. It is so well known it has even spawned it’s own parody […]